A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #18294  by Squirl
 Thu Feb 21, 2013 8:45 pm
NBC[dot]com exploit (RedKit) payload attached.

It attempts to assemble some binary code from base64 encoded streams and some actual raw hex - I've not got around to looking at this indepth, yet.

Enjoy :D
Attachments
Password: infected
(25.47 KiB) Downloaded 62 times
 #18295  by reverser
 Fri Feb 22, 2013 4:07 am
Looks like the dropper URL (hxxp://symptomshighbloodpressure.org/62.html) is down. Anyone saved it?